steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
No description
343 commits 12 branches 0 tags 4.9 MiB
Find a file
Stefan Junker 4428c88913 nix/os/devices/steveej-t480s-work: bump versions
2019-07-05 12:08:07 +02:00
.git-crypt Add 1 git-crypt collaborator 2019-01-16 21:24:25 +01:00
_archive nix: mv container-images from archive 2018-11-12 11:16:50 +01:00
certificates steveej-480s-work: add Satellite certificate 2019-02-04 09:25:13 +01:00
nix nix/os/devices/steveej-t480s-work: bump versions 2019-07-05 12:08:07 +02:00
services/ffld/router-wan.lan ffld/router-wan.lan: initial config 2019-02-26 21:53:16 +01:00
.envrc add envrc and shell.nix with 'just' pkg 2018-11-10 12:04:18 +01:00
.gitattributes use git-encrypt for secrets 2018-01-26 20:37:44 +01:00
.gitignore git: ignore .env file 2019-01-02 18:20:58 +01:00
.gitlab-ci.yml gitlab-ci: init config 2018-11-18 00:51:46 +01:00
Justfile Justfile: display keyboard shortcut for xephyr 2019-06-30 20:16:17 +02:00
README.md README: update roadmap 2019-02-09 00:13:04 +01:00
shell.nix nix: create overlay and use it throughout the repo 2019-01-27 00:01:00 +01:00

README.md

steveej's infra

This repository helps me to manage all computer infrastructure. This is mostly achieved with the help of Nix.

In the unlikely case that you actually read this and have any questions please don't hesitate to reach out.

Initial Roadmap

  • All graphical systems (incl. install media) must have
    • Full-disk encryption by default
    • Yubikey support with SSH auth
  • Migrate all devices to new structure
    • Encrypted Install media
    • steveej-laptop
    • steveej-laptop-work
  • Migrate home environment to new structure
    • home-manager
    • pkgs-configuration
    • development environments
  • (Semi-) automatic synchronization of important repositories
    • Modification strategy The approach is to use vcsh for the dotfiles
    • dotfiles
  • Toplevel Justfile for simple actions
    • mount/umount disks
    • install to mounted disk
    • rebuild running system
    • update running system
    • annotate recipes with some documentation
    • declare shell.nix with runtime deps
    • partition/encrypt/format disks
  • Document bootstrap process
    • a new machine
    • an install media
  • Design disaster recovery
  • Automatic synchronization of other state files - see https://gitlab.com/steveeJ/nix-expressions/issues/2
  • Recycle _archived
  • Maybe make this a nix-overlay

Bugs

  • home-manager leaves ~/.gnupg at 0755

Usage

(These are reminders for my future self)

just --list

Bootstrap

A new machine

  1. boot with an install media
  2. clone infra repository